CVE-2026-33632 — HIGH (7.8)

Q: How severe is CVE-2026-33632?

CVE-2026-33632 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2026-33632?

Check the references section above for vendor advisories and patch information. Affected products include: Craigjbass Clearancekit.

Vulnerability Description

ClearanceKit intercepts file-system access events on macOS and enforces per-process access policies. Prior to version 4.2.4, two file operation event types — ES_EVENT_TYPE_AUTH_EXCHANGEDATA and ES_EVENT_TYPE_AUTH_CLONE — were not intercepted by ClearanceKit's opfilter system extension, allowing local processes to bypass file access policies. Commit 6181c4a patches the vulnerability by subscribing to both event types and routing them through the existing policy evaluator. Users must upgrade to v4.2.4 or later and reactivate the system extension.

CVSS Score

7.8

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

HIGH

Affected Products

Vendor	Product	Versions
Craigjbass	Clearancekit	< 4.2.4

Related Weaknesses (CWE)

CWE-862

References

FAQ

What is CVE-2026-33632?

CVE-2026-33632 is a vulnerability with a CVSS score of 7.8 (HIGH). ClearanceKit intercepts file-system access events on macOS and enforces per-process access policies. Prior to version 4.2.4, two file operation event types — ES_EVENT_TYPE_AUTH_EXCHANGEDATA and ES_EVE...

How severe is CVE-2026-33632?

CVE-2026-33632 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2026-33632?

Check the references section above for vendor advisories and patch information. Affected products include: Craigjbass Clearancekit.